UNPKG

@elastic/eui

Version:

Elastic UI Component Library

32 lines (29 loc) 1.14 kB
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.getSecureRelForTarget = void 0; /* * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one * or more contributor license agreements. Licensed under the Elastic License * 2.0 and the Server Side Public License, v 1; you may not use this file except * in compliance with, at your election, the Elastic License 2.0 or the Server * Side Public License, v 1. */ /** * Secures outbound links. For more info: * https://www.jitbit.com/alexblog/256-targetblank---the-most-underestimated-vulnerability-ever/ */ var getSecureRelForTarget = exports.getSecureRelForTarget = function getSecureRelForTarget(_ref) { var _ref$target = _ref.target, target = _ref$target === void 0 ? '' : _ref$target, rel = _ref.rel; var relParts = !!rel ? rel.split(' ').filter(function (part) { return !!part.length && part !== 'noreferrer'; }) : []; relParts.push('noreferrer'); if (target.includes('_blank') && relParts.indexOf('noopener') === -1) { relParts.push('noopener'); } return relParts.sort().join(' ').trim(); };